<?php
// +----------------------------------------------------------------------
// | SparkERP 优秀的进销存系统 
// +----------------------------------------------------------------------
// | Copyright (c) 2022~2099 http://erp.sparkshop.cn All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Author: NickBai  <1902822973@qq.com>
// +----------------------------------------------------------------------
namespace app\controller;

use app\BaseController;

class Base extends BaseController
{
    public function initialize()
    {
        crossDomain();
        $this->checkAuth();
    }

    /**
     * 权限检测
     */
    protected function checkAuth()
    {
        // 校验用户的权限
        $userInfo = getJWT(getHeaderToken());
        if (empty($userInfo)) {
            exit(json_encode(dataReturn(401, '登录过期')));
        }

        $controller = lcfirst(request()->controller());
        $action = request()->action();
        $routePath = $controller . '/' . $action;

        $skipAuth = config('auth.skip_auth');

        if (!isset($skipAuth[$controller . '/*']) && !isset($skipAuth[$routePath]) && $userInfo['role_id'] != 1) {
            // 读取权限节点对比
            $authMap = cache($userInfo['id'] . '_auth_node');
            if (!isset($authMap[$routePath])) {
                exit(json_encode(dataReturn(403, '您无权限')));
            }
        }
    }
}